package com.capgemini.expense;

import java.util.Date;
import java.util.UUID;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.FormParam;
import javax.ws.rs.OPTIONS;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;

import com.capgemini.expense.dao.EmployeeDao;
import com.capgemini.expense.dao.TokenDao;
import com.capgemini.expense.model.Employee;
import com.capgemini.expense.model.ExpenseContext;

@Path("/userService")
public class UserService {

	@OPTIONS
	@Path("/login")
	public void login(@FormParam("email") String email, @FormParam("password") String password, @Context HttpServletResponse response,
			@Context HttpServletRequest req) {
		response.setHeader("Access-Control-Allow-Origin", "*");
		response.setHeader("Access-Control-Allow-Headers", "X-Requested-With");
	}

	@POST
	@Path("/refreshEmployees")
	public void refreshEmployees() {

		EmployeeDao empDao = new EmployeeDao();

		empDao.deleteAllEmployees();

		Employee emp1 = new Employee("test123", "Michiel", "Staessen", "michiel.staessen@student.kuleuven.be", "4203", 1, "user");
		Employee emp2 = new Employee("test123", "Jan", "Verhulst", "jan.verhulst@capgemini.com", "4204", 2, "admin");
		Employee emp3 = new Employee("test123", "Sander", "Vann Loock", "sander.vanloock1@student.kuleuven.be", "4205", 3, "user");
		Employee emp4 = new Employee("test123", "Tim", "Ameye", "tim.ameye@student.kuleuven.be", "4206", 4, "user");
		Employee emp5 = new Employee("test123", "Bert", "Outtier", "bert.outtier@student.kuleuven.be", "4207", 5, "user");
		Employee emp6 = new Employee("test123", "Gonzalo", "Parra", "gonzalo.parra@cs.kuleuven.be", "4208", 6, "user");
		Employee emp7 = new Employee("test123", "Erik", "Duval", "erik.duval@cs.kuleuven.be", "4208", 7, "user");
		Employee emp8 = new Employee("test123", "Jannik", "Persoons", "jannik.persoons@capgemini.com", "4208", 8, "admin");
		Employee emp9 = new Employee("test123", "Admin", "user", "admin@expense.com", "4209", 9, "admin");

		empDao.saveOrUpdate(emp1);
		empDao.saveOrUpdate(emp2);
		empDao.saveOrUpdate(emp3);
		empDao.saveOrUpdate(emp4);
		empDao.saveOrUpdate(emp5);
		empDao.saveOrUpdate(emp6);
		empDao.saveOrUpdate(emp7);
		empDao.saveOrUpdate(emp8);
		empDao.saveOrUpdate(emp9);
	}

	@POST
	@Path("/login")
	public String login(@FormParam("email") String email, @FormParam("password") String password, @Context HttpServletResponse response) {
		String token = null;
		EmployeeDao empDao = new EmployeeDao();
		response.setHeader("Access-Control-Allow-Origin", "*");
		Employee emp = empDao.findByEmailAndPassword(email, password);
		if (emp != null) {
			token = UUID.randomUUID().toString();
			ExpenseContext expenseContext = new ExpenseContext();
			expenseContext.setToken(token);
			expenseContext.setEmployeeId(emp.getId());
			expenseContext.setLastAccess(new Date());
			new TokenDao().saveOrUpdate(expenseContext);
			return token;
		}

		return token;

	}

	@OPTIONS
	@Path("/logout")
	public void logout(@FormParam("token") String token, @Context HttpServletResponse response, @Context HttpServletRequest req) {
		response.setHeader("Access-Control-Allow-Origin", "*");
		response.setHeader("Access-Control-Allow-Headers", "X-Requested-With");
	}

	@POST
	@Path("/logout")
	public void logout(@FormParam("token") String token, @Context HttpServletResponse response) {
		response.setHeader("Access-Control-Allow-Origin", "*");
		TokenUtil.expireToken(token);
	}

	@OPTIONS
	@Path("/getEmployee")
	public void getEmployee(@FormParam("token") String token, @Context HttpServletResponse response, @Context HttpServletRequest req) {
		response.setHeader("Access-Control-Allow-Origin", "*");
		response.setHeader("Access-Control-Allow-Headers", "X-Requested-With");
	}

	@POST
	@Path("/getEmployee")
	@Produces("application/json")
	public Employee getEmployee(@FormParam("token") String token, @Context HttpServletResponse response) {
		ExpenseContext expContext = TokenUtil.accessToken(token);
		EmployeeDao empDao = new EmployeeDao();
		response.setHeader("Access-Control-Allow-Origin", "*");
		if (expContext != null) {
			return empDao.get(expContext.getEmployeeId());
		}
		return null;
	}

}
